Senior Manager, Audit & Regulatory Governance - Technology
Provides Oversight and primary liaison for all Cybersecurity audit & regulatory engagements.
- Take ownership of the first line cyber regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with best practice
- Act as the point of contact for all cyber related Internal Audit and External audit actions undertaken.
- Responsible for developing and maintaining a central repository of Cybersecurity regulatory guidance aligned to NIST FSSCC and Cybersecurity Standards with workflow delivering timely evidence and responses to regulatory exams, questionnaires, and assessments.
- Develop a centralised repository of Cybersecurity audit & regulatory evidence and responses for re-use and with reporting.
- Responsible for developing and maintaining a combined (COMCO) central repository of customer responses (RFIâ€™s) to NIST FSSCC with workflow delivering timely, consistent responses to RFIs.
- Develop a centralised repository of RFI responses for re-use and with reporting.
- Engage partners in governance forums for awareness and resolve critical issues.
- Work closely with Compliance and second line of defence teams to ensure all regulatory and customer responses are addressed in a timely manner.
- Oversight and management of direct reports required to deliver against LSEGâ€™s regulatory and customer obligations.
- Work with senior stakeholder management to ensure conformance with Regulatory, Company and Industry standards
- Reporting regular updates to relevant committees and management teams, including producing the required Metrics
- The role is expected to motivate and lead a team of analysts and will be seen by stakeholders as a trusted partner in a 'high support and high challenge' relationship.
- Understanding and working knowledge of control frameworks based on industry best practices such as NIST, COBIT, and ISO27001.
- Understanding of key regulatory requirements for technology and cyber security in the main LSEG operating centres
- Cyber security qualification e.g. CISSP / CISM (desirable)
- Information Security auditing qualification e.g. CISA (desirable)
- Demonstrable working knowledge and understanding of key cyber security controls such as Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud security.
- Degree or Masters qualification in Cyber, Information Security or IT management (desirable)